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(54) DECODER 
(57)Abstract: 

PROBLEM TO BE SOLVED: To provide a decoder satisfying both of two 
requirements as secret information protection of user and ciphered data. 
SOLUTION: A scramble circuit 54 in a set-top unit 50 applies scramble processing 
with a 2nd system to digital image fed from a network and scrambled by a 1 st 
systemand the processed data are fed to a security module 70. A descramble 
circuit 72 of the security module 70 applies 1st descramble processing to the data 
and returns the result to the set-top unit 50. The data are subjected to 2nd 
descramble processing by a descramble circuit 50 in the set-top unit 50 and the 
processed data are outputted to an image display terminal equipment via an MPEG 
decoder 60. 



CLAIMS 



[Claim(s)] 

[Claim 1]A decoding device which decrypts data enciphered by the 1st 
methodcomprising: 

The 1 st unit that receives encryption data. 

The 2nd unit connected to the 1st unit enabling free attachment and detachment 
is providedA means for said 2nd unit to possess a means to decrypt data supplied 
from said 1 st unit by the 1 st methodand to return it to the 1 st unitand for said 1 st 
unit to encipher received data by the 2nd methodand to output to the 2nd unit. 
A means to decrypt data supplied from said 2nd unit by the 2nd method. 

[Claim 2]The decoding device according to claim 1 wherein a key signal which said 
1 st unit possesses a key generation means to generate encryption/decryption key 
of the 2nd methodand is outputted from said key generation means is not 



outputted to the exterior of the 1 st unit. 

[Claim 3]The decoding device according to claim 1 wherein a key signal which said 
2nd unit possesses a memory which has memorized a decryption key of the 1st 
methodand is outputted from said memory is not outputted to the exterior of the 
2nd unit. 

[Claim 4]The decoding device according to any one of claims 1 to 3wherein 
encryption/ decryption key of the 2nd method generated from a key generation 
means of said 1st unit is variable. 



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention]It is connected to a network etc. and this invention relates 
to the decoding device which decrypts the enciphered data which is supplied from 
a network etc. 
[0002] 

[Description of the Prior Art]In recent yearsa network progresses and various 
information services are provided. In order to prevent the 3rd person other than a 
genuine contractor from receiving information gratuitouslya purveyor of service 
enciphers information and passes on a network. A purveyor of service informs only 
a contractor of a decryption keyand only the contractor enables it to decrypt 
information correctly. Service of information is widely offered also not only in the 
network of a cable but in wireless LANtelevision broadcastingetc. 
[0003]As a conventional example of such a decoding devicethere is a device as 
shown in drawing 1 . Although this device consists of the set top unit 1 0the 
security module 20and IC card 30actuallyit is unified and the set top unit 10 and 
the security module 20 are realized as one product (decoding device). And only IC 
card 30 serves as this product with the different body. 

[0004]The encryption data (hereencryption considers it as scramble-ization and 
calls encryption data scramble data hereafter) supplied from the network (it is an 
antenna in the case of wireless LAN and television broadcasting) is inputted into 
the receiver / demodulator 12 of the set top unit 10. In this exampleoriginal data 
presuppose that it is the digital image data coded with the MPEG system. The 
output (scramble data) of a receiver / demodulator 1 2 is supplied to the security 
module 20and is inputted into the descramble circuit 22 and the filter 24. 
[0005]The filter 24 takes out ECM and EMM from the inputted stream dataand 
supplies them to the interface 26. ECM and EMM are data defined in MPEG 2and 
Entitlement control message and EMM of ECM are the abbreviation for 
Entitlement management message. When the scramble of the pay load of the 
packet of the MPEG transport stream which transmits a picture and voice data is 
specifically carried outit is the stream included the control information passed in 
the transport stream. 



[0006]A key (key) required for ECM in order to solve the scramblea program 
number (by MPEG 2a program means the meeting of a picture and a voice data 
stream with common time base)The information for access control peculiar to the 
stream of its picture and voice datasuch as a fee of a programis included. 
[0007]The information for the access control about the whole system is included 
in EMM. For examplea user's new enrollmenta new program numberetc. are 
contained. Thusthe stream containing ECM and EMM which are sent by mixing the 
filter 24 with the stream of the coded picture and voice data (if it is a program 
stream) If it is program stream map and a transport streamfiltering for taking out a 
stream called TS program map section will be performed. This filtering is 
performed according to the value of PID (packet ID) currently assigned to the 
packet or stream ID. 

[0008]The interface 26 is connected to IC card 30 which a contractor owns. The 
purveyor of service who is a sending person of digital image data writes 
beforehand the password of the descrambling key corresponding to the scramble 
at the time of transmissionand a useretc. in IC card 30and hands this to a user at 
the time of a contract. 

[0009]the person himself/herself of a kind [ own / in the system of drawing 1 / 
the decoding device (it consists of the set top unit 10 and the security module 
20) ] — although it is attestedin order to cope with the theft of a deviceetc. — 
actual — the persons themselves himself/herselfsuch as a password examination- 
- attestation is performed. 

[001 0]lf the interface 26 is connected with IC card 30 and attestation is 
successfula descrambling key will be inputted into the descramble circuit 22 in the 
security module 20 from IC card 30. 

[001 1]The descramble circuit 22 descrambles the scramble data supplied from the 
set top unit 1 0 using this descrambling keyand returns original MPEG coding digital 
image data to the set top unit 10. Original data are outputted to the user terminals 
(image display device etc.) which are not illustrated via the multiplexer 1 4 in the 
set top unit 10and MPEG decoder 16. MPEG decoder 16 builds in an analog-to- 
digital conversion machineand outputs an original analog picture signal. 
[0012]Thusdescrambling of scramble data is performed by the security module 
20and original MPEG coding digital image data is supplied to the set top unit 10. 
Thereforeit becomes possible [ descrambling ] only for a genuine user. 
[0013]Howeverin this decoding devicethe confidential information of userssuch as 
a descrambling keyappears in the interface 26. For this reasona user's confidential 
information may be stolen by the 3rd person via this interfaceand there is a 
problem in respect of user protection and security. 

[0014]Thenin order to avoid thiswhat (let the set top unit 10 and the security 
module 20 be different bodies) IC card 30 and the security module 20 are unified 
also for is considered. In this casealthough it is lost that a user's confidential 
information is stolen by the 3rd personSince the original digital image data 
descrambled by the interface between the security module 20 and the set top unit 
1 0 appearsthis may be used unjustly and it is a threat to a purveyor of service 



(copy etc.). The problem mentioned above is similarly produced in circulation etc. 
of the packed softwarewithout being restricted in the case of decoding of the 
information supplied via a network. 
[0015] 

[Problem(s) to be Solved by the Invention]Thusthe conventional decoding device 
had the fault that it was impossible to satisfy both two demands called a user's 
confidential information protection and protection of encryption data. While this 
invention was made that the situation mentioned above should be coped with and 
the purpose can protect a user's confidential informationit is providing the 
decoding device which can prevent the illegal use of encryption data. 
[0016] 

[Means for Solving the Problem]As for a decoding device by this inventionthis 
invention is characterized by that a decoding device which decrypts data 
enciphered by the 1st method comprises the following. 
The 1 st unit that receives encryption data. 

The 2nd unit connected to the 1st unit enabling free attachment and detachment 
is providedA means for said 2nd unit to possess a means to decrypt data supplied 
from said 1 st unit by the 1 st methodand to return it to the 1 st unitand for said 1 st 
unit to encipher received data by the 2nd methodand to output to the 2nd unit. 
A means to decrypt data supplied from said 2nd unit by the 2nd method. 

[0017]Said 1st unit possesses a means to generate encryption/decryption key of 
the 2nd methodand a signal outputted from said generating means is characterized 
also by not being outputted to the exterior of a uniteither. 
[0018]Said 2nd unit possesses a memory which has memorized a decryption key 
of the 1 st methodand a signal outputted from said memory is characterized also 
by not being outputted to the exterior of a uniteither. 
[0019]Encryption/decryption key of the 2nd method generated from a key 
generation means of said 1st unit is characterized also by being variable. Since 
only data in which 2nd encryption is performed at least appears in an interface 
between the 1 st unit and the 2nd unit according to the decoding device by this 
inventionan illegal use of encryption data can be prevented. 

[0020]Since a user's confidential information is not outputted outside from the 2nd 
unita user's confidential information can also be protected. Since 
encryption/decryption key of the 2nd method is not outputted outside from the 
1st unitits a possibility that this key will be detected by the 3rd person is 
dramatically small. Since encryption/decryption key of the 2nd method is 
variablethere are dramatically few possibilities that this key will be detected by the 
3rd person. 
[0021] 

[Embodiment of the Invention] Hereafterwith reference to drawingsa 1st 
embodiment of the decoding device by this invention is described. Drawing 2 is a 
block diagram of a 1 st embodiment. This embodiment serves as the set top unit 50 
from the security module 70and unlike a conventional examplethese are made into 



a different bodyit can detach and attach freelyand an interface exists among both. 
[0022]The set top unit 50 consists of a receiver / demodulator 52the scramble 
circuit 54the descramble circuit 56the demultiplexer 58MPEG decoder 60and the 
key control circuit 62. The security module 70 consists of the descramble circuit 
72and the attestation/access control circuit 74. The security module 70 may be 
realized as a form of an IC card. 

[0023]The encryption data (MPEG digital image data by which scramble is carried 
out) supplied from the network or the antenna is inputted into the receiver / 
demodulator 52 of the set top unit 10 like a conventional example. Scramble 
processing is performed by the server side of the information provider who does 
not illustrateand calls this scramble processing the 1st scramble processing (S A ). 
The output of a receiver / demodulator 52 is supplied to the scramble circuit 54 
which performs the 2nd different predetermined scramble processing (S B ) from the 
1 st scramble processing (S A ) by the side of a serverand the key control circuit 62 
which controls the key of the 2nd scramble processing. 

[0024]If data is supplied from a receiver / demodulator 52the key control circuit 
62The scramble key for the 2nd scramble processing and the descrambling key 
corresponding to this are generatedand a scramble key and a descrambling key are 
supplied to the scramble circuit 54 and the descramble circuit 56respectively. If 
the 1st and 2nd descrambling processing is made into D A and D B The key control 
circuit 62 generates the scramble key for the 2nd scramble processing with which 
it is satisfied of D B D A S B and S A =I (I: identity matrix)and a descrambling key. 
[0025]The scramble circuit 54 performs the 2nd scramble processing (S B ) using 
the scramble key from the key control circuit 62. The output of the scramble 
circuit 54 is supplied to the security module 70and it is inputted into the 
descramble circuit 72 which performs the 1st descrambling processing (D A ). 
[0026]The descramble circuit 72 performs the 1 st descrambling processing (D A ) to 
the data supplied from the set top unit 50 using the descrambling key supplied 
from attestation / access control circuit 74and returns descrambling data to the 
set top unit 50. The purveyor of service who is a sending person of digital image 
data writes beforehand the descrambling key corresponding to the 1 st scramble 
processing at the time of transmission in attestation / access control circuit 
74and hands this to a user at the time of a contract. Thereforethe data in which 
the 1st scramble of a set and the data supplied to PUYUNITTO 50 was canceled 
of the network is obtained from the descramble circuit 72. Howeverthe 2nd 
scramble processing (S A ) by the scramble circuit 54 is performed to this data. 
[0027]Instead of the conventional IC cardthe password of the descrambling key 
and the useretc. are written in by the purveyor of serviceand attestation / access 
control circuit 74 serves as attestation of a kind [ own / the security module 70 
which contained this ]. 

[0028]Within the set top unit 50the descramble circuit 56 performs the 2nd 
descrambling processing (D B ) to input data using the descrambling key supplied 
from the key control circuit 62and reproduces original MPEG coding digital image 
data. It is outputted to the user terminals (image display device etc.) which the 



output of the descramble circuit 56 does not illustrate via the demultiplexer 58 
and MPEG decoder 60. MPEG decoder 60 builds in an analog-to-digital conversion 
machineand outputs an analog picture signal. 

[0029]Operation of this embodiment is explained with reference to drawing 3 . 
Drawing 3 is a figure extracting and showing only scramble processing and 
descrambling processingand also shows here the 1st scramble circuit 42 that 
performs the 1 st scramble processing (SA) by the side of the server 40. If original 
digital data is set to Mthe 1 st scramble circuit 42 in the server 40 will output data 
S A (M) which carried out scramble processing by the 1st method. 
[0030]If this data is received by the set top unit 50the 2nd scramble circuit 54 will 
perform the 2nd scramble processing to this dataand will output S B (S A (M)). For 
this reasonthe data by which scramble was doubly carried out with the 1 st and 
2nd scrambling system is supplied to the security module 70 from the set top unit 
50. Since this data cannot be descrambled even if it is stolen by the 3rd 
personoriginal data cannot be reproduced but there are no worries about the illegal 
use of original digital data. 

[0031 ]The 1st descramble circuit 72 in the security module 70Descrambling 
processing (D A ) of the 1st method is performed to this double scramble dataD A (S B 
(S A (M))) =S B (M) is outputtedand the set top unit 50 is returned. For this 
reasonthe data by which scramble was carried out by the 2nd method is supplied 
to the set top unit 50 from the security module 70. Since this data cannot be 
descrambledeithereven if it is stolen by the 3rd personoriginal data cannot be 
reproduced but there are no worries about the illegal use of original digital data. 
Since it is generated in the key control circuit 62 in the set top unit 50the key in 
particular of the 2nd scramble processing cannot leak outsideand can prevent the 
illegal use of the 3rd person of original data. 

[0032]The 2nd descramble circuit 56 in the set top unit 50 performs descrambling 
processing (D B ) of the 2nd method to this input dataand outputs D B (D A (S B (S A 
(M)))). Since the key control circuit 62 is chosen so that the 2nd scramble 
processing / descrambling processing S B and D B may be set to D B D A S B and S A =I as 
mentioned abovelt is set to D B (D A (S B (S A (M)))) =Mand the descramble circuit 56 
can reproduce original data. D B D A S B andS A =I is not necessarily D A andS A =D B andS B =I. 
[0033]Thusaccording to this embodimentfor the interface between the set top unit 
50 and the security module 70. Since original digital data does not appearthe illegal 
uses (copy etc.) of original digital data are impossibleand a purveyor's of service 
protection can be performed enough. Since the interface of an IC card and a 
security module does not exist like beforethe confidential information of userssuch 
as a password and a descrambling keyis not stolen by the 3rd person. 
[0034]In order to raise securityin additionthe key control circuit 62 is effectiveif 
the key for the 2nd scramble processing is changed into a commuter's 
ticket/stage amphiboles. That isa possibility that the key of the 2nd scramble will 
be detected is not 0 by monitoring the data outputted from the set top unit 50. 
Howeversuch a possibility can be substantially set to 0 by making a key variable. 
[0035]There are the following effects by using the set top unit 50 and the security 



module 70 as a different body. Two or more users can share the set top unit 50. 
That isone set of the set top unit 50 can be installed in a homeand the security 
module 70 with a family's peculiar each can also be owned. Although it is possible 
that a scrambling system changes with purveyors of serviceit can be coped with 
by one set of the set top unit 50 by including a descrambling function peculiar to a 
purveyor of service in a security module even in this case. 
[0036]This invention is not limited to the embodiment mentioned abovebut 
changes variouslyand is feasible. For examplein above-mentioned 
explanationalthough encryption was explained as scramble-izingencryption usual 
[such as not only this but a RSA methoda DES methodetc. ] may be sufficient as 
it. Not only image data but voice dataa video dataetc. may be sufficient as the 
data supplied from a network. The supplying form of data can be applied not only 
when supplied via a networkbut when supplied via a storage. 
[0037] 

[Effect of the Invention]As explained abovewhile being able to protect a user's 
confidential information according to this inventionthe decoding device which can 
prevent the illegal use of encryption data is provided. 
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[Brief Description of the Drawings] 

[Drawing 1] The block diagram showing the composition of the conventional 
decoding device. 

[Drawing 2] The block diagram showing the composition of a 1 st embodiment of the 
decoding device by this invention. 

[Drawing 3] The schematic diagram showing the scramble descrambling processing 
of a 1st embodiment. 
[Description of Notations] 
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